Microsoft Purview Data Governance provides comprehensive data cataloging, lineage, and classification across multi-cloud environments, integrating seamlessly with Azure to enhance data management and compliance with flexible APIs.
| Product | Mindshare (%) |
|---|---|
| Microsoft Purview Data Governance | 8.6% |
| Collibra Platform | 7.6% |
| Varonis Platform | 5.2% |
| Other | 78.6% |
| Type | Title | Date | |
|---|---|---|---|
| Category | Data Governance | Jun 22, 2026 | Download |
| Product | Reviews, tips, and advice from real users | Jun 22, 2026 | Download |
| Comparison | Microsoft Purview Data Governance vs Collibra Platform | Jun 22, 2026 | Download |
| Comparison | Microsoft Purview Data Governance vs Informatica Intelligent Data Management Cloud (IDMC) | Jun 22, 2026 | Download |
| Comparison | Microsoft Purview Data Governance vs Alation Data Catalog | Jun 22, 2026 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Microsoft Intune | 4.1 | N/A | 95% | 378 interviewsAdd to research |
| Microsoft Defender for Endpoint | 4.1 | N/A | 95% | 213 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 9 |
| Large Enterprise | 30 |
| Company Size | Count |
|---|---|
| Small Business | 808 |
| Midsize Enterprise | 491 |
| Large Enterprise | 1625 |
Microsoft Purview Data Governance is designed to streamline data management processes through effective data cataloging, lineage tracking, and classification, all within multi-cloud environments. It supports seamless integration with Azure, enabling metadata consolidation and flexible API data exchange, which contributes to enhanced governance. The platform emphasizes critical compliance and security by offering real-time compliance visibility. Automation features, role-based security, and native app connectivity are included to optimize time and resource expenditure. Users appreciate AI-driven risk detection and customizable classifications, effectively managing sensitive information. However, areas for improvement include data quality features, better integration with non-Microsoft products, and enhancing its interface intuitiveness. Improvements are also sought for role management, compliance reporting, support for diverse data sources, efficient lineage tracking, DLP capabilities, documentation, integration with external cloud platforms, and training resources. Real-time notifications and enhanced scanning are highlighted for better data management.
What are the essential features?Industries implement Microsoft Purview Data Governance to leverage its data cataloging, lineage, and loss prevention capabilities. The tool assists in scanning and documentation of data sources, aiding in data classification, governance, and compliance. Integration with tools like Synapse and Power Platform enables streamlined data management and improved data security across cloud-based and on-premises environments.
Microsoft Purview Data Governance was previously known as Microsoft Purview, MS Azure Purview.
| Author info | Rating | Review Summary |
|---|---|---|
| Tech lead at a healthcare company with 5,001-10,000 employees | 3.5 | I've used Microsoft Purview Data Governance for six months and found its automated data discovery valuable, though the interface feels complex compared to Big-ID; I’d recommend it for Azure users but rate it around 6-7. |
| Enterprise Architect at Wärtsilä | 3.5 | I’ve used Microsoft Purview Data Governance for 1.5 years with other Microsoft tools, valuing its integration, Data Catalog, and automated discovery. Governance features need improvement; RBAC and dashboards are unclear. Deployment was easy but required five people; support is 7/10. |
| Senior IT Security Risk & Compliance Analyst at a government with 501-1,000 employees | 4.0 | I use Microsoft Purview Data Governance mainly for communication compliance and data loss prevention. I value its visibility into Copilot usage and risk management, despite initial configuration challenges. Switching from Proofpoint, it provides comprehensive governance deployed on Microsoft Azure. |
| Mcafee Epo Administrator at Consultant/Converge Technology Solutions | 3.5 | I find Microsoft Purview Data Governance valuable for its data protection capabilities across multi-cloud environments, helping prevent accidental data sharing and ensuring secure access. Improved documentation on features and licensing would enhance its effectiveness as a comprehensive solution. |
| Data Governance Advisor at a government with 501-1,000 employees | 3.5 | I am developing a data catalog using Microsoft Purview Data Governance at TPR, focusing on AI readiness and data quality. While its features are comprehensive, more clarity on costs and enhanced data quality tools for AI are needed. |
| Dex engineer at a tech vendor with 1,001-5,000 employees | 4.0 | We label documents for automatic encryption based on sensitivity and plan to expand Microsoft Purview for data loss protection. Sensitivity labeling is key, allowing global data governance. We're piloting its use, with room for further fine-tuning. |
| Manager, Service Delivery & Solutions Architect at a computer software company with 1,001-5,000 employees | 4.5 | I use Microsoft Purview Data Governance for data governance and data protection across multi-cloud environments, appreciating its ease of use and compliance features. Although I see no immediate improvements needed, a watermark feature could enhance security for end users. |
| Senior Microsoft Consultant at a tech services company with 11-50 employees | 4.5 | In a highly regulated industry, we used Microsoft Purview to automate data governance in SharePoint Online, enhancing data protection and retention. While valuable, Purview's menu could be clearer for non-IT staff. Its use improved our organizational reputation. |
| Cloud Solutions Architect at Camera Corner Connecting Point | 4.0 | We use Microsoft Purview Data Governance to classify documents and control access, finding its reporting, device compatibility, and regulatory compliance features valuable. It surpasses previous Windows permissions, though we'd prefer auto-tagging at lower license levels. |
| Director at Pesaro IT | 4.0 | I implement Microsoft Purview for its data labeling and integration features, crucial for clients using multi-cloud environments and Microsoft 365. However, the compliance aspect needs improvement due to false positives, and more intuitive dashboards are necessary. |
I have utilized the Data Catalog feature. It helped manage and discover data effectively.
The DLP part and the AI related ones are the most valuable features. I mostly appreciate their automated data discovery.
Compared to Big-ID, Microsoft Purview Data Governance looks complicated to me. I do not feel it has a good user-level UI. The interface feels a little complicated compared to Big-ID.
I did not appreciate the configuration part. It felt complex, whereas when I went for a Big-ID demo, the interface looked better and was easier to understand for any user.
I have not done the configuration myself, as some of my team members have handled it.
We have not used other products or particular components, such as their data discovery one regarding customizable dashboards and reporting tools.
I would evaluate the role-based access control as good. I just went for a demo of Big-ID. If it is for AWS or Google Cloud, I would recommend Big-ID. If it is for Azure, then I would recommend Microsoft Purview Data Governance. My review rating for this product is 6-7.
We are currently working with Microsoft Purview Data Governance and other Microsoft products. We are using Microsoft Purview Data Governance.
I like the integrated tool and integrated benefits in Microsoft Purview Data Governance. I have actually used the Data Catalog feature. Data Catalog helps to manage and discover data effectively. I have leveraged automated data discovery in this scope.
The features in the actual data governance could be improved, and I think there is room for improvement in the product.
We haven't used role-based access control in a complex way; it's somehow embedded into the documents, but I don't know the details.
I don't know about the customizable dashboards in the product and whether they help to speed up the process.
We have been using Microsoft Purview Data Governance for about 1.5 years.
I would rate the technical support of Microsoft as seven out of ten.
Positive
It's easy to deploy Microsoft Purview Data Governance.
It requires assistance; I could not do it all by myself.
Five people took part in the deployment of the solution.
My main use cases for Microsoft Purview Data Governance are for communication compliance and DLP. We're starting to get into the data side of it, mainly focusing on communication compliance and DLP. I use Microsoft Purview Data Governance for data loss protection.
Microsoft Purview Data Governance gives a very good overview of our full environment. It also has integrations with Microsoft Sentinel and all the other tools, including Defender. I appreciate how they've recently added those portals at the bottom of Purview, making it just a one-click shot to switch.
Microsoft Purview Data Loss Protection is effective at remediating policy violations. It's catching all the things we need to catch.
Microsoft Purview Data Governance can connect to iOS, Mac, and Android devices and data in other SaaS apps. This is important because it gives us visibility or a 360-degree view of everything we need to do. We appreciate Microsoft. We've an E5 license, so we're heavily invested in Microsoft and appreciate what they do for us.
Microsoft Purview Data Governance delivers data protection across multi-cloud and multi-platform environments, including AWS and GCP. It integrates with many different cloud providers, and we have many legacy systems. That overview is really beneficial.
It is very important to us that Microsoft Purview Data Governance was built taking into account critical regulations from around the world, as we are highly regulated. Since we are in Canada, and Microsoft is based in the US, it is beneficial to know we are able to comply with our regulations.
Microsoft Purview Data Governance enables us to show our compliance in real time. We're highly regulated. It is excellent for auditing purposes and being able to go back as far as we need to. It's also beneficial that we can change the date timeline between 7 days to 10 years.
The features of Microsoft Purview Data Governance that I value most include communication compliance. It provides visibility into how people are using Copilot for Microsoft and gives insight into risks and sensitive conversations. It helps with investigations when personnel decisions need to be made.
Microsoft Purview Data Governance has helped my company by finding insider risks, ensuring data loss prevention, and achieving compliance to make sure everybody is compliant.
I found it challenging to configure Microsoft Purview Data Governance initially. With the integrations of Microsoft Copilot and 365, we don't have that enabled, but it would be beneficial to us to have that enabled, so that I could ask questions.
One of the challenges is that Microsoft changes things so quickly that sometimes you're just playing catch-up, and sometimes these changes aren't communicated effectively.
I have been using Microsoft Purview Data Governance for 18 months.
We've never had any issues with it going down.
We haven't had any issues with onboarding new integrations.
It is lacking a bit because I've opened some tickets, and it's taken months to resolve, or I've never even had them resolved.
I would give them an eight out of ten because they're doing adequately, but there have been some challenges.
Positive
Before choosing Microsoft Purview Data Governance, we used Proofpoint.
It was pretty seamless.
The biggest return on investment when using Microsoft Purview Data Governance is all the governance, providing that 360-degree view of everything going on.
It's not cheap. I'm not exactly sure how much our license costs, but it is very expensive.
Before choosing Microsoft Purview Data Governance, we considered another solution, but we're an agency of the government, so everything we procure has to be bid on, and one of our third-party vendors integrated it and put in the bid.
I would rate Microsoft Purview Data Governance an eight out of ten. I am not giving it a perfect score because there are still some gaps, and there are areas where they're still working.
Microsoft Purview Data Governance protects against data loss, helps prevent accidental data sharing, ensures the right people have access to data and helps remediate data issues.
One way that Microsoft Purview has benefited our organization is by preventing data leakage, which saves the company money on fines and protects its reputation.
The feature that I find most valuable is its ability to block unintended data sharing, like forcing unencrypted emails to be encrypted. We're evolving technologically, so people aren't always working from their desks. Our people are on the move. We have data everywhere. For example, in airlines, they're mobile and working from one door to another. They can't carry a computer from one station to another. That's where a lot of airlines use iPads. Securing and integrating iPads is helpful.
Purview's data protection across multi-cloud and multi-platform environments is essential because data is everywhere, and all data is important. We could have Social Security numbers in the cloud or on-prem, so it's crucial to protect them all.
The ability to consider regulations around the world is essential due to outsourcing. Many companies outsource to India or China, so it's important to protect data wherever it is. Purview provides visibility through its data classification module, which allows us to scan our environment and let us know where that sensitive data is.
One area for improvement is better documentation on what is working and what is not, as well as what features are allowed depending on your licensing model. It's essential to know if a feature isn't working due to missing licenses.
There are some bugs in how long it takes policies to apply. It can take seven days to 24 hours to determine whether a policy is effective.
The product is scalable and works across multi-cloud and multi-platform environments, but better performance could be useful.
I would rate Microsoft customer service seven out of 10. More updated documentation would improve our results, as Microsoft is always changing online, and the documentation doesn't update as quickly as the console.
Neutral
My company is a consulting company, and we have worked with various products. One such company is Varonis, which does similar functions but doesn't offer the one-stop-shop solution that Microsoft provides.
We are the consultants, so we are responsible for the deployment of the solution.
We don't typically see direct ROI since we're a consulting company. However, clients benefit from using a one-stop-shop solution, increasing their visibility across different platforms.
Licensing is frustrating due to multiple modules and licenses. The feature might be available in the console, but it won't work without the proper license, creating confusion.
I rate the Microsoft Purview Data Governance seven out of 10.
Neutral
We are labeling our documents, and based on those labels, encryption is applied depending on how sensitive the data is. Documents that leave our organization are automatically encrypted.
We plan to use Purview for data loss protection, but we aren't there yet. That's the next phase of our rollout. We're setting up governance, identification, and classification before moving to DLP. We have started some pilot groups within Teams to test how it will block PHI personal health information that's transmitted via text or voice in a transcript. We've seen some success, but it also blocks a lot of things that it shouldn't. It's a matter of fine-tuning.
We're going to have the benefit of being able to roll out Copilot more securely, but we're not there quite yet.
The sensitivity labeling is the most valuable feature because it is the foundation for automating the encryption process and ensuring proper data handling across the organization.
It is helpful that Purview can connect to iOS, Mac, and Android devices because you need to be able to govern the ecosystem no matter where your data is. Purview's consideration of critical regulations from around the world is crucial because we operate globally, so we need to adjust how data is handled for our employees in other countries.
We haven't really gotten too far into it to identify areas for improvement just yet.
We haven't been using it for long. We are currently in the pilot phase, gradually rolling it out. We've been building the policies, and the rollout to a pilot group started three weeks ago.
I couldn't really say about the stability so far, but I have confidence in it.
It's definitely scalable. With automation, you can label five documents or 50,000 with the same amount of clicks. It handles all the data you can throw at it.
I rate Microsoft customer service 10 out of 10. Support is a little slow, but it's very beneficial. They're skillful people who know what they're doing in their space. Some unforeseen speed bumps along the way have slowed things down. It's nor something that I would be mad about, but I wish the project would be done by now so we could get our Copilots all rolled up.
We have a good rapport with them and get along well. We can candidly talk to them about things and ask for help. They're always happy to do what they need to to get the answers we need.
Positive
We used some built-in legacy permissions and tools for file management, along with Excel's advanced features, which are now part of Microsoft Purview.
It's been a slow process. We're taking our time and working with a partner. It's been slow, but this is one of those cases where that's necessary.
We worked with a consultant named Lighthouse. They've been very beneficial, skillful, and know their field well. Despite some unforeseen speed bumps slowing the project, their expertise has been valuable.
We're working with a Microsoft partner to carefully create labels and test all the features and policies behind the labels. We rolled it out to our first pilot group. We have a test SharePoint site that we're using alongside that. Once we have more data and and feedback from the pilot group, we'll expand that company-wide.
The experience with pricing, setup costs, and licensing was smooth, as most Purview functionalities were included in the e5 licenses we migrated to for other reasons.
We did not evaluate any other solutions as we were acquiring an E5 license, which integrated Purview features without the need for exploring alternatives.
I rate Microsoft Purview Data Governance eight out of 10. Once you start using it and see what it can do, it's really intuitive.
I use Microsoft Purview Data Governance for data governance and data loss prevention. Its main purpose is to protect the data from end users and provide data governance.
One important feature is data security, which both end users and the organization seek. Microsoft Purview offers data protection across a multi-cloud and multi-platform environment.
It's critical that Purview connects to iOS, Mac, and Android. We could only secure some of our data if it only covered Windows. It provides a comprehensive view of the entire ecosystem's threats and compliance in real time. It's very easy to use.
Purview's compliance features are crucial. We have to match some cases in other countries to our own to comply with the policies, procedures, and regulatory frameworks here.
Although there is currently nothing that I feel needs immediate improvement, I appreciate the announcements for new features. A watermark feature or similar tools to help enhance security for end users could be added.
I have been using Microsoft Purview Data Governance for around six to seven months.
Microsoft Purview Data Governance is stable.
Scalability is good with Microsoft Purview Data Governance.
I rate Microsoft support six out of 10. The standard support is acceptable, but sometimes it doesn't respond fast enough. Overall, it doesn't meet our expectations.
Neutral
I have not used a different solution before Microsoft Purview.
The initial setup was not particularly easy, as it required maintaining the architecture to integrate user capabilities.
I did not use an integrator, reseller, or consultant for the implementation.
One of the best offerings by Microsoft is providing multiple solutions with one vendor. This has allowed us to maintain various solutions efficiently.
I did not evaluate another solution before Microsoft Purview.
I rate Microsoft Purview Data Governance nine out of 10.
My organization had a large amount of sensitive data stored primarily in SharePoint Online. We also operate in a highly regulated industry. Therefore, we wanted to take advantage of some of the features offered by Microsoft Purview. Initially, we focused on sensitivity and retention labels, but we later expanded to include data loss prevention and benchmarking our data against the built-in regulations offered by Purview.
It is important that Purview delivers data protection across multi-cloud and multi-platform environments. Many organizations have multiple systems, which can be difficult to manage. I know that many of my clients are currently trying to amalgamate their systems and bring them all under one umbrella, but there will always be cases where organizations will not be able to have everything in a single software solution like Microsoft 365. Being able to take advantage of Purview's excellent features and deploy them across not only 365 but also other systems makes it much easier. I think this is one of the reasons why organizations are starting to look at things like Purview: it has the ability to deploy more widely, saving organizations a lot of time and effort and centralizing control.
It is important that Purview can connect to iOS, Mac, and Android devices, as well as other data and SaaS apps. Many organizations issue portable devices to their staff, especially those with a high percentage of hybrid remote workers. These mobile devices have become essential, both personally and professionally. Having governance across multiple devices is a brilliant feature.
Purview's integrated data link compliance is a great feature. The biggest selling point for me is the ability to deploy it from one location; I haven't been able to manage everything in one place before. This makes it much easier for local administrators, and it can also be used across different environments.
The connectors for supporting non-Microsoft data sources are a brilliant feature and a smart move by Microsoft. They allow us to apply our governance policies to data sources such as Twitter and WhatsApp, which are used by many organizations for customer interaction. This is important because it allows us to protect our customers' data, even when they are interacting with us on multiple platforms.
My experience of the critical regulations that Purview was built taking into account is predominantly UK regulations. When I first started at my organization, part of my role was data protection. So being able to benchmark our data against the GDPR and some of the UK's specific regulations was fantastic. But now I work with multinational clients, so we have offices in various locations in different geographies. So having specific legislation for the areas in which they operate is brilliant. More organizations are spread across different continents and countries. So being able to apply different legislation to different parts of their estate depending on where their offices are operating is a fantastic feature.
We are currently updating our data loss prevention policy internally, and we highly recommend that our clients use Microsoft Purview for DLP as well. I demonstrated Purview to a client a few months ago, and they were incredibly impressed with how effective it can be. I think they were particularly surprised by how quickly it can identify sensitive data. For example, we did a quick test where we uploaded a document that contained a piece of personal information that we had asked the Purview policy to look for. As soon as we uploaded the document to a SharePoint document library, we received an email alert warning us that the sensitive information was present and could be accessed by others. The alert was almost instantaneous. This shows that Purview is a very effective system for protecting data.
Microsoft Purview has enabled us to truly embed a culture of data governance among staff. This has been a major success, not just within our own organization, but also with our partners and clients. Many people talk about the importance of data governance, but Purview has helped us to increase the knowledge base of our users and empower them to take ownership of their data, rather than relying solely on IT professionals or data protection staff. This is a real positive for any business, especially those that work with sensitive information. The automation capabilities of Purview have also been a huge hit with our users. The ability to automatically apply data labels and implement advanced encryption policies has made it much easier for us to protect our data.
In previous years, we have used various methods and systems to try to achieve the same outcome, including spreadsheets and stand-alone systems. We are heavy users of Microsoft 365, so it is our primary system, but we also use other systems. Having one solution that can deploy our core policies and protections across different devices and platforms.
Microsoft Purview's reduction of solutions simplified our data governance. In the past, our data was scattered across different locations, making it difficult to manage and protect. Purview has brought our data together into one place, making it easier for users to access and for us to implement data governance policies. I believe that the more systems we have, the greater the risk of data protection incidents and the more difficult it is to deploy a unified data governance strategy. Reducing the complexity of our IT infrastructure goes hand-in-hand with improving data governance.
Some of the features in Purview have illuminated areas of our data site. In particular, when we have worked with organizations with large volumes of data, it has helped us to identify issues. For example, benchmarking our state against GDPR highlighted aspects of our operations that were not compliant. This was more important than the areas that were compliant, as it helped us to focus our attention on where we needed to make improvements. This helps us to provide assurance to our board.
We are about to launch an internal awareness campaign about AI and how we can use it. Microsoft Purview is on the list of AI solutions we will be considering. We are also about to start using Microsoft Copilot, and some of our staff are already using ChatGPT. We are looking at AI solutions within Microsoft 365 and some of our other systems. This is an area that we are very keen to develop, and it is something that our clients are also interested in. We can explore this in more detail in the coming months.
I've been amazed at how quickly the automation responds, especially when we have a large dataset. It takes that pain away from Teams and acts as a monitor for us. It's saved a huge amount of time, and once it can demonstrate internally or to clients how effectively it does what they expect it to do, that will save more time, but people who are responsible for this information need a lot of reassurance.
Purview enables us to demonstrate our compliance in real-time. We provide live reports to auditors and anyone responsible for information security risk management. We can show them our compliance status in real-time, which is excellent.
Our meetings with compliance regulators are positive when they are familiar with Purview. However, if they are not, we must be able to demonstrate to them how effective the solution is and how it can assist the organization in improving its data governance and data security. This has made the meetings much more positive, as the regulators are more assured that we are being more responsive and effective with the information we hold.
Automation plays a significant role in reducing the time to action on insider threats. We have had procedures in place for identifying, mitigating, and responding to specific risks, both internally and accidentally. However, our previous procedures were very manual, which obviously takes time. Now, in some situations, we can respond almost instantly. Automation has significantly improved our response time. Data breaches, for example, used to take a long time to investigate under our old process. From when a user reported a breach to when we could start investigating, it took hours to complete the necessary paperwork and documentation. But by using automation and some of the features in PurView, we've been able to reduce that time to minutes. In some areas, we've probably been able to reduce investigation time by 50 percent or more.
Time-saving is probably the most important benefit of automation and AI. The more time we can save people, across the board, not just Purview, the better. When we can automate tasks and improve response times, it takes away the need for manual input and frees people to concentrate on more important things. This naturally has a financial benefit. From my role, I've seen that the time savings have been really important. In some areas, we've seen time savings of up to 50 percent. So, when deployed properly, the benefits of automation and AI are huge.
Our ability to oversee compliance using Purview has been a game-changer. We have developed our own in-house compliance and risk management software, which I have been involved in. However, using Purview has been even more impactful. In addition to the automation and time savings, the key thing for us is the educational aspect. Purview helps us to raise awareness and make the organization more data-aware, regardless of role. This enables us to identify issues and, more importantly, rectify them.
The sensitivity and retention options in Purview are excellent. We had an internal document retention schedule, but when we first created it, much of our data was in paper form. As our data became digitized and moved to SharePoint Online, particularly when we migrated away from our on-premises file server, the ability to replicate that retention schedule in Purview and deploy it across all of our SharePoint sites and OneDrive made life so much easier. Purview helped us automate and control our data without having to rely on people to manually tag documents with specific retention periods.
Similarly, our sensitivity labels were scattered throughout SharePoint Online. We wanted to push data governance internally, not just from a technical data management perspective, but also from an education perspective. So, we created a data classification system based on sensitivity and deployed it across our 365 apps, including Outlook, OneDrive, Teams, and SharePoint. This not only allowed us to protect more sensitive data and ensure that it was being handled responsibly, but it also allowed us to use features like prompting users to apply a label to a document before interacting with it. This helped us deploy labels more quickly and also got staff thinking about the data they were working with.
In my experience, particularly in organizations that work with a lot of sensitive data, staff can become complacent over time and desensitized to the importance of looking after that data if they're using it day in and day out. So, having a visual prompt to apply a label and think about the documents they're working with and what that means was a really useful way of promoting data governance across our business.
Some of the menu headings may not be easy to understand for some people. For example, when I first used Purview, I noticed that one of the self-compliance centers had changed its name. Microsoft has done a huge amount of updates, and sometimes it's hard to keep track of what Purview can do. We almost constantly have to explore it.
Maybe Microsoft could have a 365 roadmap where we can look at upcoming features, or some kind of bulletin announcement for Purview users that explains new features and what they can do in simple terms.
We could also look at the menu settings. In my experience of using Purview, we've never used it as an exclusive system for IT professionals or technical staff. We were very keen that other specialists around the business made use of some of these features because we thought that some of what Purview could do was relevant to other departments as well as IT. For example, we have HR managers and financial staff who use it.
I think that some of the terminology in Purview is pitched toward IT and tech professionals, and it may not be immediately understood by other specialists. This is something that could be improved.
I have been using Microsoft Purview for three years.
I haven't seen any issues so far with stability. I know that some policies can take a little bit of time to roll out, depending on how widely they're being deployed. For example, the first sensitivity policy I created took 24-48 hours to start functioning for users. However, this is to be expected in the cloud, as it can take time for changes to filter down. Once the policy became available, I didn't see any issues with it at all.
Microsoft Purview is scalable. When I first deployed it, we deliberately scaled it up by deploying a small number of cache users first, then an individual team, and eventually ramping it up across all of our SharePoint environments, we were able to deploy it widely across Teams, OneDrive, and Outlook as well.
All the interactions I've had with the technical support, they've been really good. So I've got no complaints at all.
Positive
Previously we had processes in place for things like data protection, naming conventions, and so on, but we were very reliant on our IT infrastructure for governance. Purview has allowed us to act more effectively and quickly, and to get more people involved at an administrator level. This has been empowering for some teams, particularly HR, which can now run policies appropriate for them without having to rely on IT. This has been a very positive change for those teams.
Purview was straightforward to deploy, but complex to bring staff up to speed. Like any organization, we have people with varying levels of understanding of these systems and what they are trying to achieve. So, while it was easy for our team members to create and deploy Purview, the education piece took time. For example, we deployed sensitivity and retention labels on a team-by-team basis, training each team and bringing them up to speed before moving on. We found this to be the easiest way to deliver the training internally. Overall, I think Purview is very straightforward from a technical point of view, but the difficulty of bringing staff up to speed will vary depending on the organization.
A core group of eight of us evaluated the various aspects of what Purview could do. We took ownership of the areas that applied to our roles or departments to deploy sensitivity and retention policies. It took us four months. We only took a few days to create the policies and set up the labels. However, we wanted to manage the rollout carefully because training was key to ensuring that staff would get the most out of the system. So, we didn't rush the rollout. However, the actual technical side, the creation itself, only took a few days, or a couple of meetings.
We recommend Purview to clients and don't know if they see an ROI. However, in my previous role at a previous organization, we used Purview internally. I cannot speak to exact figures, but I do know that our creditors regularly reviewed our viability, and data governance, data assurance, and data protection. Being able to demonstrate that we have these tools available to make us more secure as an organization and to protect the sensitive information we hold obviously had an effect on our reputation and viability in the eyes of our creditors and auditors. As a business, I would say that we felt Purview was worth the investment in that particular situation.
To get the full features of Purview, we currently need E5 enterprise licenses, which are expensive. I'm not sure what Microsoft's business model is for this, because we can acquire some of the features of Purview, or we can access it by speaking to our Microsoft partners or vendors. But I think Microsoft is currently pitching Purview primarily to medium to large organizations. I believe there is a real appetite for data governance in smaller businesses as well because all businesses have information that needs to be protected and governed effectively. I have clients who own small businesses who cannot justify the cost of E5 enterprise licenses. Some of them are on business standard or business premium licenses. I think Microsoft should consider reducing the price of Purview or making it more available to more people. Perhaps Microsoft could offer a scaled-down version of Purview. I know there is an appetite for Purview among smaller businesses, but they often have to do a cost-benefit analysis and decide that the additional cost is not justified. It's a shame because they would really benefit from some of the features of Purview.
I would rate Microsoft Purview nine out of ten. Purview is a highly effective and useful feature in Microsoft 365. As a technical system, it is brilliant. However, I am concerned that it may be too expensive for smaller businesses, which is a shame.
The first time I used and rolled out Purview, it was for multiple departments in a medium-sized business. By the end of the rollout, everyone was using it. Internally, we have deployed Purview to two of our geographical locations, but we still have some others to roll it out to. With my clients, the ones who have shown an interest in Purview and are using it tend to be larger businesses that work across geographies. They are deploying Purview to their various office locations in different countries. The speed of deployment depends on the size of the company. We have 150 users.
Purview needs to be reviewed periodically to ensure that the policies are still appropriate and effective. We have tried to automate as much of this process as possible, so from a maintenance point of view, Purview does not require much manual effort. However, we do have a core group of people who regularly review Purview to stay ahead of new features and to determine whether they are appropriate for our organization.
We are currently reviewing some of the new features and redoing many of our policies. In some cases, we are considering switching from manual hard copy or written policies to policies in Purview, either to work alongside their document or to replace it. We will be gearing up for this transition soon.
I would test Purview, explore its features, and seek advice from people who have used it or from Microsoft themselves. This would help me to understand what it can do. I think it is important to avoid keeping Purview as an IT-only tool. Instead, promote its capabilities to a wider audience, including other stakeholders. Once creating and deploying solutions in Purview, I recommend deploying them to a targeted area first and then scaling them up. If a retention policy is suddenly deployed across the entire estate, people may not understand what they are looking at and may resist using it. My advice is to learn about Purview, share the learned knowledge with others, and involve other areas of the business in its deployment. Also, think carefully about how to deploy Purview in a way that minimizes disruption.
Our primary use case for Microsoft Purview Data Governance was to classify documents and ensure that people were getting the information they were supposed to. We initially adopted it internally before working with customers. We use it for both internal purposes and as a selling point.
It has helped to ensure that employees don't access content they shouldn't and has improved our organizational processes. Familiarity with Microsoft Purview also helps us sell the product.
The visibility has helped tremendously. We can see where documents are stored and the security that has been applied. It helps to see where things are from one place.
The reporting is excellent. Limiting what people can see is also valuable, especially when tagging documents. Purview's ability to connect to iOS, Mac, and Android devices is critical. This is a huge selling point because people use various devices in their companies.
The solution's multi-cloud capabilities will be increasingly essential as we expand into AWS. We don't do a lot of GCP, but using Purview as a single point of truth is huge.
The fact that Purview is built based on critical regulations is crucial because we deal with so many kinds of customers. We have to talk to them about what they can and can't do according to their requirements and the regulations they're under.
Auto-tagging should be available at lower levels of licensing. Right now, a high level of licensing is needed for auto-tagging, and this feature should be made available at a lower license level.
I have been using Microsoft Purview Data Governance for at least five years.
The stability is great.
Scalability is also great. We haven't encountered any issues.
I try to avoid opening tickets with Microsoft due to long response times, which is frustrating. We tend to use Microsoft documentation and Microsoft Learn instead.
Positive
Previously, we relied on permissions in Windows on file shares, but Microsoft Purview works much better.
The initial setup was pretty straightforward, but manual tagging was challenging because people needed to get used to it.
We did not use an integrator.
We don't specifically look at ROI in a traditional sense. What's crucial is keeping information secure and accessible.
The auto-tagging feature should be available at a lower licensing level.
We did not evaluate other solutions. Microsoft Purview's inclusion in licensing made it an obvious choice.
I rate Microsoft Purview Data Governance eight out of 10. It loses points because auto-tagging is only available at higher licensing levels.
I'm an IT consultant, and I have several clients ranging from small businesses and start-ups to large FTSE 100, multi-billion-pound companies. I've implemented Purview from a data security perspective, such as aggregating data using the DLP and AIP (Azure Information Protection). The point of Purview is to enable companies to have a grip on their data and create rules, policies, and visibility around that.
One of the biggest positives of Purview is the visibility you gain into your estate. Once you start labelling data, you can get reports and information about where your confidential and critical data are. It gives you far more visibility than you would have if you tried to do things manually.
While Purview doesn't reduce the number of systems you need, it covers the functionality of data security that, otherwise, would have to be done by a third-party product. And it probably would not only be one third-party solution. Only something like Varonis would be really comparable, in my experience.
By avoiding the need for a third-party product for data security, because it's a bolt-on with the 365 licenses—E3 or E5—it absolutely saves you money.
The labelling is the most valuable feature for the companies I'm installing it for. Some of them have several thousand staff, and their concerns are around confidential or private data being shared. The labels and the policies involved with them give them that initial visibility.
It's absolutely important that it covers multi-cloud and multi-platform environments, including AWS, GCP, et cetera. If you're going to have a DLP solution, it needs to cover as much as possible. A solution that doesn't integrate with other systems isn't going to work for most companies. That's one of the reasons I like Purview: you can plug in and use APIs to connect to other systems and scan other data.
As for connecting to iOS, Mac, and Android devices, the more the better in terms of what Purview can do from a connection aspect.
And Purview's natively integrated compliance across Azure Dynamics and Office 365 is absolutely essential. It's really good. A lot of my clients are Office 365 customers, and they hold a lot of their data in the 365 tenant. It makes Purview an obvious choice for customers with that environment and setup. Any company that uses Microsoft 365 should use Purview to some degree.
Another aspect that is very important is that the solution was built taking into account critical regulations from around the world. Some of my clients are huge financial organizations, and they need to implement things like ISO security, GDPR, and financial scanning on things like credit card numbers. It's really good.
I've also implemented the DLP policies, settings, scanning, et cetera, as well as rules around that. For example, when data is encrypted when it's sent or shared, there is no forwarding of emails.
There are negatives to the compliance aspect of Purview in that you get a lot of false positives with some of the native scanning and rules in the platform. A lot of them need tweaking to get a more realistic handle on what data there is.
Also, I wouldn't say that the remediation of policy violations is particularly great. It has improved, but it's not very easy to dig into things if there is a policy violation. A lot of them are false-positives.
It has helped reduce the time to action on insider threats, but there are quite a lot of false positives there as well. Overall, it's a work in progress for Microsoft.
I would also like to see pre-built reporting. The dashboard isn't really that intuitive. It would be good to have more intuitive dashboards that you can drill down into or even customizable dashboards.
I've been using Purview for about three years, almost since the functionality was available at the beginning.
The stability of Purview is almost faultless. It's a nine out of 10.
The scalability is very good—nine out of 10 again. Once all the data is in Purview, you don't need to worry about scalability. It would only apply when you need to bring in a new integration or application, and that is fairly easy to do.
The support is not particularly good. I've probably had some more advanced issues than the average person, due to having deployed it into a more mature config, and I found that on two or three occasions, when I had an issue or question around Purview, I really didn't have a good person at Microsoft talk to me about it. It needed to go through quite a lot of escalation to get to someone with advanced skill for it.
Neutral
I've installed it on-premises, hybrid, and in the cloud. It works best when it's all in the cloud. The initial deployment is really straightforward. It's one of the easiest products I've deployed from Microsoft.
There is maintenance involved; policies and alerts need to be reviewed. The whole data security aspect is an ongoing process.
I do it myself.
We have seen ROI because we're not having to pay for third-party scanning or security on our files.
In addition, while you can't measure it, we know our data is at less risk. We have a lot more confidence in that regard.
Also, potentially, you don't need as many security staff to monitor it, with the possibility of savings from that.
The pricing is reasonable because it's part of the 365 E3 or E5 license you buy.
What I would like to see is that Microsoft Priva, which is an add-on to Purview, be absorbed into the solution for a smaller sized consumer/company.
I have also used Varonis as an alternative. The biggest difference is that Varonis is a standalone product, whereas Purview is built into Office 365. That's the biggest positive for Purview, in comparison. That makes it easier, with Purview, to customize and switch on the scanning of data without having to go through rigorous processes to capture data, as is the case with Varonis.
Get someone who is experienced in deploying it.
Purview's data connector platform for ingestion from non-Microsoft data sources is improving fast. Originally, there wasn't as much there as I'd have hoped for, but the platform has been developed heavily in the last 18 months, and it's pretty good now. When you can see the apps from third parties in the GUI, it just makes it really easy to integrate them.
Purview doesn't really do that much to educate users on how to best handle sensitive data. That's more down to how the user is trained. It's only as good as how it is set up by the company. Like with all products, it is only as good as how well it is initialized, configured, and maintained.
When it comes to seeing compliance in real time, Purview does roughly give you that, but it's only as good as how it's configured. If it's not configured well to scan all of the data areas in your company, it won't do the job. To give you an example, someone could have Purview switched on but have a hybrid-cloud environment and not be scanning their on-premises file services. Purview can do that, but they might not have configured it to do so.
I would give Purview a solid eight out of 10. It has come a long way since I started using it. There is still work that needs to be done on it, but they've done a great job on it so far.
